Best practice for verifying a GitLab user?

s.penhouet · December 15, 2017, 10:04am

The user can enter his/her GitLab username (and additional fields if needed) in a UI.

What is the best practice to verify that the user is valid and that the user is the real owner of the entered account over the GitLab API?

This should also support external login methods (GitHub, …).

Cornos · September 25, 2018, 7:32am

The best practice is using a GPG key or SSH key to ensure that we have a verified status

Topic		Replies	Views
Unverified signature using GitHub mirrored repository GitLab CI/CD	1	1170	October 7, 2020
How to validate the gitlab user mail ID and password with admin token? How to Use GitLab	0	838	January 10, 2018
Commits made on GitHub web interface are unverified on GitLab side How to Use GitLab github	0	688	March 16, 2020
Work without SSH key? How to Use GitLab	2	23536	October 16, 2015
User git and security Self-managed	2	2679	June 16, 2016